author | jkar8572 <jkar8572> | 2001-08-21 15:34:31 +0000 |
---|---|---|
committer | jkar8572 <jkar8572> | 2001-08-21 15:34:31 +0000 |
commit | 8aaad9540966c73ae67a5065abbbc55391614479 (patch) | |
tree | 5e8535ee07094952042a25e55eead53a2d4b09bd | |
parent | 8adee330bc0927d9c5ccb5f9925cc83cd8c869f8 (diff) |
Updated host checking from nfsutils rquotad().
-rw-r--r-- | rquota_server.c | 39 | ||||
-rw-r--r-- | rquota_svc.c | 59 |
2 files changed, 59 insertions, 39 deletions
diff --git a/rquota_server.c b/rquota_server.c
index c7b1a4c..d044049 100644
--- a/rquota_server.c
+++ b/rquota_server.c
@@ -9,7 +9,7 @@
 *
 * This part does the lookup of the info.
 *
- * Version: $Id: rquota_server.c,v 1.6 2001/08/15 20:13:42 jkar8572 Exp $
+ * Version: $Id: rquota_server.c,v 1.7 2001/08/21 15:34:31 jkar8572 Exp $
 *
 * Author: Marco van Wieringen <mvw@planets.elm.net>
 *
@@ -19,18 +19,11 @@
 * 2 of the License, or (at your option) any later version.
 */
 #include <rpc/rpc.h>
-#include <sys/file.h>
-#include <sys/stat.h>
-#include <sys/mount.h>
 #include <arpa/inet.h>
 #include <paths.h>
 #include <stdio.h>
 #include <syslog.h>
 #include <time.h>
-#include <netdb.h>
-#ifdef HOSTS_ACCESS
-#include <tcpd.h>
-#endif
 #include "mntopt.h"
 #include "quotaops.h"
@@ -53,10 +46,6 @@
 #define NETTYPE AF_INET
-#ifdef HOSTS_ACCESS
-#define good_client(a,b) hosts_ctl("rpc.rquotad", b, inet_ntoa(a->sin_addr), "")
-#endif
-
 int allow_severity = LOG_INFO;
 int deny_severity = LOG_WARNING;
@@ -134,20 +123,6 @@ setquota_rslt *setquotainfo(int flags, caddr_t * argp, struct svc_req *rqstp)
 int id, qcmd, type;
 struct quota_handle *handles[2] = { NULL, NULL };
-#ifdef HOSTS_ACCESS
- struct hostent *hp;
- struct sockaddr_in *addr;
-
- addr = (svc_getcaller(rqstp->rq_xprt));
- hp = gethostbyaddr((char *)&(addr->sin_addr), sizeof(addr->sin_addr), AF_INET);
-
- if (!good_client(svc_getcaller(rqstp->rq_xprt), hp->h_name)) {
- result.status = Q_EPERM;
- return (&result);
- }
-
-#endif
-
 /*
 * First check authentication.
 */
@@ -232,18 +207,6 @@ getquota_rslt *getquotainfo(int flags, caddr_t * argp, struct svc_req * rqstp)
 int id, type;
 struct quota_handle *handles[2] = { NULL, NULL };
-#ifdef HOSTS_ACCESS
- struct hostent *hp;
- struct sockaddr_in *addr;
-
- addr = (svc_getcaller(rqstp->rq_xprt));
- hp = gethostbyaddr((char *)&(addr->sin_addr), sizeof(addr->sin_addr), AF_INET);
-
- if (!good_client(svc_getcaller(rqstp->rq_xprt), hp->h_name)) {
- return (FALSE);
- }
-#endif
-
 /*
 * First check authentication.
 */
diff --git a/rquota_svc.c b/rquota_svc.c
index 90734e9..591a9ef 100644
--- a/rquota_svc.c
+++ b/rquota_svc.c
@@ -10,7 +10,7 @@
 *
 * Author: Marco van Wieringen <mvw@planets.elm.net>
 *
- * Version: $Id: rquota_svc.c,v 1.3 2001/08/15 20:13:42 jkar8572 Exp $
+ * Version: $Id: rquota_svc.c,v 1.4 2001/08/21 15:34:32 jkar8572 Exp $
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
@@ -27,6 +27,10 @@
 #include <string.h> /* strcmp */
 #include <memory.h>
 #include <unistd.h>
+#ifdef HOSTS_ACCESS
+#include <tcpd.h>
+#include <netdb.h>
+#endif
 #ifdef __STDC__
 #define SIG_PF void(*)(int)
@@ -46,6 +50,41 @@
 struct authunix_parms *unix_cred;
 char **argvargs;
 int argcargs;
+
+#ifdef HOSTS_ACCESS
+int good_client(struct sockaddr_in *addr)
+{
+ struct hostent *h;
+ char *name, **ad;
+
+ /* Check IP address */
+ if (hosts_ctl("rquotad", "", inet_ntoa(addr->sin_addr), ""))
+ return 1;
+ /* Get address */
+ if (!(h = gethostbyaddr(&(addr->sin_addr), sizeof(addr->sin_addr), AF_INET)))
+ return 0;
+ if (!(name = alloca(strlen(h->h_name)+1)))
+ return 0;
+ strcpy(name, h->h_name);
+ /* Try to resolve it back */
+ if (!(h = gethostbyname(name)))
+ return 0;
+ for (ad = h->h_addr_list; *ad; ad++)
+ if (!memcmp(*ad, &(addr->sin_addr), h->h_length))
+ break;
+ if (!*ad) /* Our address not found? */
+ return 0;
+ /* Check host name */
+ if (hosts_ctl("rquotad", "", h->h_name, ""))
+ return 1;
+ /* Check aliases */
+ for (ad = h->h_aliases; *ad; ad++)
+ if (hosts_ctl("rquotad", "", *ad, ""))
+ return 1;
+ return 0;
+}
+#endif
+
 static void rquotaprog_1(struct svc_req *rqstp, register SVCXPRT * transp)
 {
 union {
@@ -58,6 +97,15 @@ static void rquotaprog_1(struct svc_req *rqstp, register SVCXPRT * transp)
 xdrproc_t xdr_argument, xdr_result;
 char *(*local) (char *, struct svc_req *);
+#ifdef HOSTS_ACCESS
+ /*
+ * Authenticate host
+ */
+ if (!good_client(svc_getcaller(rqstp->rq_xprt))) {
+ svcerr_auth (transp, AUTH_FAILED);
+ return;
+ }
+#endif
 /*
 * Don't bother authentication for NULLPROC.
 */
@@ -136,6 +184,15 @@ static void rquotaprog_2(struct svc_req *rqstp, register SVCXPRT * transp)
 xdrproc_t xdr_argument, xdr_result;
 char *(*local) (char *, struct svc_req *);
+#ifdef HOSTS_ACCESS
+ /*
+ * Authenticate host
+ */
+ if (!good_client(svc_getcaller(rqstp->rq_xprt))) {
+ svcerr_auth (transp, AUTH_FAILED);
+ return;
+ }
+#endif
 /*
 * Don't bother authentication for NULLPROC.
 */ |
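Review bot: In `good_client()` the host-name and alias checks pass the name in the `client_addr` position of `hosts_ctl()` and leave `client_name` empty (`hosts_ctl("rquotad", "", h->h_name, "")`), whereas the macro removed from rquota_server.c passed the name second and the address third. Patterns that tcp_wrappers evaluates against the client name (netgroups, for instance) then have nothing to match, so I would write `hosts_ctl("rquotad", h->h_name, inet_ntoa(addr->sin_addr), STRING_UNKNOWN)` and `hosts_ctl("rquotad", *ad, inet_ntoa(addr->sin_addr), STRING_UNKNOWN)`. The first check also returns 1 as soon as the bare address is not refused, so under a default-permit rule set the forward-confirmed name is never consulted; a comment above the function should state that it is only meaningful with a deny-by-default configuration. The daemon string also changes from `"rpc.rquotad"` to `"rquotad"`, so existing hosts.allow/hosts.deny entries keyed on the old name silently stop matching, which deserves a mention in the commit message.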
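Review bot: The rejection path added to `rquotaprog_1()` (and repeated verbatim in `rquotaprog_2()`) answers with `svcerr_auth (transp, AUTH_FAILED)` and returns without recording which caller was refused, so a blocked host leaves no trace for an operator to alert on. A line such as `syslog(LOG_WARNING, "rquotad: refused request from %s", inet_ntoa(svc_getcaller(rqstp->rq_xprt)->sin_addr));` before the `return` would cover that, assuming `<syslog.h>` is already included in rquota_svc.c, which the visible hunks do not show. Because the check sits ahead of the NULLPROC shortcut, every request now pays for the reverse and forward lookups in `good_client()`, and a comment saying this is deliberate would help. Both function bodies continue outside their hunks.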